This listing of claims will replace all prior versions, and listings, of claims in the application. 
Listing of Claims: 

1. (currently amended) A method for improving processor virtualization in x86 processor 
architectures and their equivalents, including but not limited to the IA32 architecture, said 
method comprising removing, replacing, or supplementing one or more predefined 
instructions in a guest operating system that adversely affect virtualization for a virtual 
machine operating on an x86 processor with synthetic instructions that cause at least one 
exception to be trappable by a virtualization layer, wherein said synthetic instructions are 
illegal to said architecture. 

2. (original) The method of claim 1 wherein said one or more instructions, include a 
member of the following group of instructions: PUSH CS, PUSH SS, MOV from SS, 
CALLF, VERR, VERW, and LAR. 

3. (original) The method of claim 1 wherein an instruction that adversely affects 
virtualization on an x86 processor is either replaced with or supplemented by a synthetic 
instruction that causes an exception in the x86 processor that is then trapped by a virtual 
machine running on said x86 processor for processing by said virtual machine. 

4. (original) The method of claim 3 wherein, for a first virtual machine running on a second 
virtual machine, an instruction that is either replaced with or supplemented by a synthetic 
instruction to cause an exception in the x86 processor that is then trapped by said first virtual 
machine running on said x86 processor for processing by said virtual machine by effectively 
by-passing said second virtual machine. 

5. (original) The method of claim 3 wherein said synthetic instruction is usable in both a 
user mode and a privileged mode. 

6. (original) The method of claim 3 wherein said synthetic instruction has no corollary to an 
existing x86 instruction. 

7. (original) The method of claim 3 wherein said synthetic instruction is an instruction for 
disabling direct execution (e.g., VMDXDSBL). 

8. (original) The method of claim 3 wherein said synthetic instruction is an instruction for 
enabling (or re-enabling) direct execution (e.g., VMDXENBL). 

9. (original) The method of claim 3 wherein, for an instruction that is replaced with a 
synthetic instruction, the synthetic instruction is semantically similar to the instruction that is 
being replaced. 

10. (original) The method of claim 9 wherein an instruction of less than five bytes in length 
is replaced with a synthetic instruction of at least five bytes in length (e.g., to facilitate 
patching). 

11. (original) The method of claim 10 wherein an STI instruction is replaced with a synthetic 
instruction that is at least five bytes long (e.g., VMSTI). 

12. (original) The method of claim 10 wherein a CLI instruction is replaced with a synthetic 
instruction that is at least five bytes long (e.g., VMCLI). 

13. (original) The method of claim 3 wherein a CPUID instruction in the guest operating 
system is replaced with a synthetic instruction (e.g., VMCPUID) that reads virtualized 
CPUID information. 

14. (original) The method of claim 3 wherein at least one multi-processor spin lock 
instruction in the guest operating system is supplemented with a synthetic instruction (e.g., 
VMSPLAF) for determining when a spin lock acquisition has failed. 

15. (original) The method of claim 3 wherein a PUSHF(D) instruction in the guest operating 
system is replaced with a synthetic instruction (e.g., VMPUSHFD) that pushes IF onto a 
stack. 

16. (original) The method of claim 3 wherein a POPF(D) instruction in the guest operating 
system is replaced with a synthetic instruction (e.g., VMPOPFD) that pops IF off of a stack. 

17. (original) The method of claim 3 wherein an instruction that modifies a descriptor table 
entry in the guest operating system is replaced with a synthetic instruction (e.g., 
VMWRDESC) that updates the descriptor table entry, avoiding overheads associated with 
maintaining shadow descriptor tables. 

18. (original) The method of claim 3 wherein an SGDT instruction in the guest operating 
system is replaced with a synthetic instruction (e.g., VMSGDT) that stores a current GDT 
base and length to EAX. 

19. (original) The method of claim 3 wherein a SLDT instruction in the guest operating 
system is replaced with a synthetic instruction (e.g., VMSLDT) that stores the current LDT 
selector to EAX. 

20. (original) The method of claim 3 wherein a SIDT instruction in the guest operating 
system is replaced with a synthetic instruction (e.g., VMSIDT) that stores the current IDT 
base and length to EAX. 

21. (original) The method of claim 3 wherein a STR instruction in the guest operating system 
is replaced with a synthetic instruction (e.g., VMSTR) that stores the current TR selector to 
EAX. 

22. (original) The method of claim 3 wherein a CLI instruction in the guest operating system 
is replaced with a synthetic instruction (e.g., VMCLI) that clears a virtualized IF. 

23. (original) The method of claim 3 wherein a STI instruction in the guest operating system 
is replaced with a synthetic instruction (e.g., VMSTI) that sets a virtualized IF. 

24. (original) The method of claim 3 wherein a synthetic instruction for halting the processor 
(e.g., VMHALT) can be executed as user-level guest code. 

25. (currently amended) A method for an operating system to determine whether it is running 
on a virtualized processor or running directly on an x86 processor, said method comprising: 

executing a synthetic instruction (e.g., VMCPUID) for returning a value representing 
an identity for the central processing unit; 

if a value is returned, then concluding that the operating system is running on a 
virtualized processor, and thereafter utilize synthetic instructions, wherein said synthetic 
instructions are configured to cause at least one exception to be trappable by a virtualization 
layer, and wherein said synthetic instructions are illegal to said processor architecture; and 

if an exception occurs, then concluding that the operating system is running directly 
on an x86 processor, and thereafter refrain from utilizing synthetic instructions. 

26. (original) The method of claim 25 further comprising, if a value is returned, then 
accessing or modifying features or behaviors of the underlying virtual machine monitor. 

27. (original) The method of claim 25 wherein the hexadecimal operation code for said 
synthetic instruction is 0F C7 C8 01 00. 

28. (currently amended) A method for improving operating system code for efficient 
patching of trappable instructions using a long JMP instruction, said method comprising the 
step of, in the guest operating system, locating instances of trappable instructions that are less 
than five bytes long (e.g., STI and CLI instructions that run within ring-0 code) and replace 
these trappable instructions with corresponding synthetic instructions that are at least five 
bytes long (e.g., VMSTI and VMCLI respectively), wherein said synthetic instructions are 
configured to cause at least one exception to be trappable by a virtualization layer, and 
wherein said synthetic instructions are illegal to a processor architecture. 

29. (currently amended) A system for processing synthetic instructions on x86 processor 
architectures and their equivalents, including but not limited to the IA32 architecture, said 
system comprising 

a subsystem for trapping said synthetic instructions issued by a guest operating system 
after said synthetic instructions cause an exception in the x86 processor, wherein said 
synthetic instructions are configured to cause at least one exception to be trappable by a 
virtualization layer, and wherein said synthetic instructions are illegal to said processor 
architecture; and 

a subsystem for processing said synthetic instructions for the guest operating system. 






DOCKET NO.: MSFT-2570/305 147.01 PATENT 
Application No.: 10/685,051 
Office Action Dated: June 27, 2007 

30. (original) The system of claim 29 further comprising a subsystem whereby a synthetic 
instruction (e.g., VMSPLAF) for determining when a spin lock acquisition has failed is 
trapped and processed. 

31. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction (e.g., VMPUSHFD) for pushing an IF onto a stack. 

32. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction (e.g., VMPOPFD) for popping an IF off of a stack. 

33. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction (e.g., VMWRDESC) that updates the descriptor table entry, avoiding 
overheads associated with maintaining shadow descriptor tables. 

34. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction (e.g., VMSGDT) for storing the current GDT base and length to EAX. 

35. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction (e.g., VMSLDT) for storing the current LDT selector to EAX. 

36. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction (e.g., VMSIDT) for storing the current IDT base and length to EAX. 

37. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction (e.g., VMSTR) for storing the current TR selector to EAX. 

38. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction (e.g., VMCLI) for clearing a virtualized IF. 

39. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction (e.g., VMSTI) for setting a virtualized IF. 

40. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction for halting the processor (e.g., VMHALT) can be executed as user-level 
guest code. 

41. (original) The system of claim 29 further comprising a subsystem for determining 
whether said system is running on a virtualized processor or running directly on an x86 
processor, said subsystem comprising: 

a subsystem for executing a synthetic instruction (e.g., VMCPUID) for returning a 
value representing an identity for features supported by the central processing unit; and 

a subsystem for determining if a value is returned and (a) if so, concluding that the 
operating system is running on a virtualized processor, and thereafter utilize synthetic 
instructions, and (b) if not, concluding that the operating system is running directly on an x86 
processor, and thereafter refrain from utilizing synthetic instructions. 

42. (original) The system of claim 41 further comprising a subsystem for accessing or 
modifying features or behaviors of the underlying virtual machine monitor if a value is 
returned. 

43. (original) The system of claim 41 wherein the hexadecimal operation code for said 
synthetic instruction is 0F C7 C8 01 00. 

44. (original) The system of claim 29 wherein said synthetic instructions comprise a 
synthetic instruction for disabling direct execution (e.g., VMDXDSBL). 

45. (original) The system of claim 29 wherein said synthetic instructions comprise a 
synthetic instruction for enabling (or re-enabling) direct execution (e.g., VMDXENBL). 

46. (original) The system of claim 29 wherein said synthetic instructions comprise: 

a synthetic instruction (e.g., VMPUSHFD) for pushing an IF onto a stack; and 
a synthetic instruction (e.g., VMPOPFD) for popping an IF off of a stack. 

47. (original) The system of claim 46 wherein said synthetic instructions further comprise: 

a synthetic instruction (e.g., VMSGDT) for storing the current GDT base and length 
to EAX; 
a synthetic instruction (e.g., VMSLDT) for storing the current LDT selector to EAX; 
a synthetic instruction (e.g., VMSIDT) for storing the current IDT base and length to 
EAX; and 

a synthetic instruction (e.g., VMSTR) for storing the current TR selector to EAX. 

48. (original) The system of claim 46 wherein said synthetic instructions further comprise: 

a synthetic instruction (e.g., VMCLI) for clearing a virtualized IF; and 
a synthetic instruction (e.g., VMSTI) for setting a virtualized IF. 

49. (original) The system of claim 46 wherein said synthetic instructions further comprise a 
synthetic instruction for determining when a spin lock acquisition has failed is trapped and 
processed. 

50. (original) The system of claim 46 wherein said synthetic instructions further comprise a 
synthetic instruction (e.g., VMCPUID) for returning a value representing an identity for the 
central processing unit. 

51. (original) The system of claim 50 wherein the hexadecimal operation code for said 
synthetic instruction is 0F C7 C8 01 00. 

52. (currently amended) A computer-readable medium comprising storing thereon computer- 
readable instructions for improving processor virtualization in x86 processor architectures 
and their equivalents, including but not limited to the IA32 architecture, said computer- 
readable instructions comprising synthetic instruction that causes an exception in the x86 
processor that is then trapped by a virtual machine monitor running on said x86 processor for 
processing by said virtual machine monitor, wherein said synthetic instructions are 
configured to cause at least one exception to be trappable by a virtualization layer, and 
wherein said synthetic instructions are illegal to said processor architecture. 

53. (previously presented) The computer-readable instructions of claim 52 further 
comprising instructions whereby at least one multi-processor spin lock instruction in the 
guest operating system is supplemented with a synthetic instruction (e.g., VMSPLAF) for 
determining when a spin lock acquisition has failed. 

54. (currently amended) The computer-readable instructions of claim 52 further comprising a 
synthetic instruction (e.g., VMCPUID) for returning a value representing an identity for the 
central processing unit.[[.]] 

55. (previously presented) The computer-readable instructions of claim 52 further 
comprising a synthetic instruction (e.g., VMPUSHFD) that pushes IF onto a stack. 

56. (previously presented) The computer-readable instructions of claim 52 further 
comprising a synthetic instruction (e.g., VMPOPFD) that pops IF off of a stack. 

57. (previously presented) The computer-readable instructions of claim 52 further 
comprising a synthetic instruction (e.g., VMSGDT) that stores the current GDT base and 
length to EAX. 

58. (previously presented) The computer-readable instructions of claim 52 further 
comprising a synthetic instruction (e.g., VMSLDT) that stores the current LDT selector to 
EAX. 

59. (previously presented) The computer-readable instructions of claim 52 further 
comprising a synthetic instruction (e.g., VMSIDT) that stores the current IDT base and length 
to EAX. 

60. (previously presented) The computer-readable instructions of claim 52 further 
comprising a synthetic instruction (e.g., VMSTR) that stores the current TR selector to EAX. 

61. (previously presented) The computer-readable instructions of claim 52 further 
comprising a synthetic instruction (e.g., VMCLI) that clears a virtualized IF. 

62. (previously presented) The computer-readable instructions of claim 52 further 
comprising a synthetic instruction (e.g., VMSTI) that sets a virtualized IF. 







63. (previously presented) The computer-readable instructions of claim 52 further 
comprising instructions for determining whether said instructions are running on a virtualized 
processor or running directly on an x86 processor, said instructions comprising: 

instructions for executing a synthetic instruction for returning a value representing an 
identity for the central processing unit[[.]]; and 

instructions for determining if value corresponding to an identity for the central 
processing unit is returned and (a) if so, utilizing synthetic instructions, and (b) if not, 
suspending use of synthetic instructions. 

64. (original) The computer-readable instructions of claim 63 wherein the hexadecimal 
operation code for said synthetic instruction is 0F C7 C8 01 00. 

65. (previously presented) A system for processing synthetic instructions when executing on 
x86 processor architectures and their equivalents, including but not limited to the IA32 
architecture, said system comprising: 

removing, replacing, or supplementing instances of one or more of the following 
predefined instructions in the guest operating system: PUSH CS, PUSH SS, MOV from SS, 
CALLF, VERR, VERW, and LAR with synthetic instructions that are configured to cause at 
least one exception to be trappable by a virtualization layer, and wherein said synthetic 
instructions are illegal to said processor architecture; 

66. (original) A method for optimizing a guest operating system to improve processor 
virtualization when executing on x86 processor architectures and their equivalents, including 
but not limited to the IA32 architecture, said method comprising: 

removing, replacing, or supplementing instances of one or more of the following 
predefined instructions in the guest operating system: PUSH CS, PUSH SS, MOV from SS, 
CALLF, VERR, VERW, and LAR; 

replacing CPUID instructions in the guest operating system with synthetic instructions 
(e.g., VMCPUID) that reads virtualized CPUID information; 

supplementing spin lock instructions in the guest operating system with synthetic 
instructions (e.g., VMSPLAF) for determining when a spin lock acquisition has failed; 

replacing PUSHF(D) instructions in the guest operating system with synthetic 
instructions (e.g., VMPUSHFD) for pushing IF onto a stack; 

replacing POPF(D) instructions in the guest operating system with synthetic 
instructions (e.g., VMPOPFD) for popping IF off of a stack; 

replacing SGDT instructions in the guest operating system with synthetic instructions 
(e.g., VMSGDT) for storing a current GDT base and length to EAX; 

replacing SLDT instructions in the guest operating system with synthetic instructions 
(e.g., VMSLDT) for storing a current LDT selector to EAX; 

replacing SIDT instructions in the guest operating system with synthetic instructions 
(e.g., VMSIDT) for storing a current IDT base and length to EAX; 

replacing STR instructions in the guest operating system with synthetic instructions 
(e.g., VMSTR) for storing the current TR selector to EAX; 

replacing CLI instructions in the guest operating system with synthetic instructions 
(e.g., VMCLI) for clearing a virtualized IF; 

replacing STI instructions in the guest operating system with synthetic instructions 
(e.g., VMSTI) for setting a virtualized IF. 

wherein at least one of synthetic instructions is configured to cause at least one 
exception to be trappable by a virtualization layer, and wherein at least one of said synthetic 
instructions is illegal to said architecture 

67. (new) A method for processing synthetic instructions executable on a processor 
architecture, comprising: 

receiving synthetic instructions that are configured to cause at least one exception 
trappable by a virtualization layer, wherein said synthetic instructions are illegal to said 
architecture; and 

removing, replacing, or supplementing predefined instructions with said synthetic 
instructions. 